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IN THE CLAIMS : 

Please re- write the claims as follows: 

1. (Currently Amended) A method for establishing identity in a file system, comprising: 

receivings from a client, a first Network File System (NFS) operation file request 
concerning an indicated file from a client , the first NFS operatio nr equest received by a 
proxy; 

forwarding the first NFS operation r equest from the proxy to be received by a file 

server; 

returning a NFS file handler epty associated with the first NFS operation file 
request from the file server to the proxy in response to the file server receiving the first 
NFS operation from the proxy : 

inserting, by the proxy, metadata into a -the NFS file handl e in response to 
receiving the NFS file handle from the file server, wherein the metadata is an encryption 
key ; aid 

sending, by the prox y in response to receiving the NFS file handle from the file 
server , the NFS file handle with the metadata inserted in the NFS file handle to the client 
as a reply to the first NFS operation: and 

using, by the client , the metadata and the NFS file handle in a second NFS 
operation to be used in further requests to identify the client and the indicated file. 

2. (Currently Amended) The method of Claim 1, further comprising: whereby 

^using the metadata in the NFS file handles eliminates for any of eliminating a need 

for the proxy to generate additional requests to the file server to establish file identity, 

and for completing client requests. 

3. (Previously Presented) The method of Claim 1, further comprising: 

encoding metadata in a form of a session key into the file handle, the session key 
expiring after a predetermined amount of time. 
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4. (Previously Presented) The method of Claim 1, further comprising: 

using an NFS file system as the file system. 

5. (Previously Presented) The method of Claim 1, further comprising: 

using a stateless protocol by the file system. 

6-29. (Cancelled). 

30. (Currently Amended) The method of claim 1, further comprising: 

receiving, from the client, a second file reques t NFS operation by the proxy, the 
second NFS operation file request comprising including the metadata in a further NFS file 
handle sent with the second feques tNFS operation ; 

identifying, in response to the metadata, the client as having a permission to 
submit the second file reques t NFS operation ; 

sending the second NFS operatio n file request to the file server and not sending 
the metadata with the second NFS file handle to the file sei-ver; and 

receiving by the proxy the-a_further NFS r eply from the file server, and sending 
by the proxy the further NFS r eply to the client. 

3 1 . (Previously Presented) A method for establishing identity in a file system, 
comprising: 

receiving a first file request concerning an indicated file from a client, the first file 
request received by a proxy; 

forwarding the first file request from the proxy to a file server; 

returning a reply associated with the first file request from the file server to the 
proxy, wherein the reply includes a file handle associated with the indicated file; 

inserting, by the proxy, metadata into the file handle; 

sending, by the proxy, the file handle with the metadata inserted in the file handle 
to the client, the metadata to be used in further requests to identify the client as having a 
permission to access the indicated file; 
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receiving, from the client, a second file request by the proxy, the second file 
request including the metadata in a second file handle sent with the second file request; 

identifying, in response to the metadata, that the client has the permission to 
submit the second file request; 

sending the second file request to the file server and not sending the metadata 
with the second file handle to the file server; and 

receiving by the proxy a second reply from the file server, and sending by the 
proxy the second reply to the client. 

32. (Currently Amended) An apparatus to establish identity in a file system, 
comprising: 

a proxy configured to receive a first Network File System (NFS) operation file 
request concerning an indicated file sent by a client to the file system, the proxy further 
configured to forward the first NFS operatio n request to be received by a file server; 

the file server configured to return a NFS file handlef eply associated with th e first 
NFS operation file request to the proxy in response to the file sei"ver receiving the first 
NFS operation from the prox y , wherein the reply includes a file handle : 

the proxy further configured to insert metadata into the NFS file handlejn 
response to receiving the NFS file handle from the file server, wherein the metadata is an 
encryption key ; and 

the proxy further configured to send the NFS file handle with the metadata 
inserted in the NFS file handle to the clien t as a reply to the first NFS operation , the 
metadata and the NFS file handle to be used in a second NFS operation to be used in 



33. (Currently Amended) The apparatus as in claim 32, further comprising: 

the proxy further configured to receive, by the client, a second NFS operationf ile 




-to identify the client and the indicated file. 



request , the second NFS operation file request comprising to include 
second NFS file handle sent with the second NFS operatio n request ; 



the metadata in the 
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the proxy to identify, in response to the metadata, the client as having a 
permission to submit the second file reques t NFS operation ; 

the proxy to send the second NFS operation file request to the file server and not 
to send the metadata with the second NFS file handle to the file server; and 

the proxy to receive a second NFS r eplv from the file server, and the proxy to 
send the second NFS r eply to the client. 

34. (Currently Amended) The apparatus of Claim 32, further comprising: 

the proxy to use the metadata in the NFS file handle received from the client to 
eliminate a need for additional communication with the file server to establish file 
identity. 

35. (Currently Amended) The apparatus of Claim 32, further comprising: 

the proxy to encode the metadata in a form of a session key into the NFS file 
handle, the session key expiring after a predetermined amount of time. 

36. (Previously Presented) The apparatus of Claim 32, further comprising: 

an NFS file system used as the file system. 

37. (Previously Presented) The apparatus of Claim 32, further comprising: 

a stateless protocol used by the file system. 

38. (Currently Amended) A non-volatile memory executed on a computer, comprising: 

said -the non- volatile memory containing procedures for execution on the 
computer for a method of establishing identity in a file system, the method having the 
steps of, 

receivings from a client, a first Network File System (NFS) operation file request 
concerning an indicated file from a client , the first NFS operationf equest received by a 

proxy; 
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forwarding the first NFS operationf eqBest from the proxy to be received by a file 

server; 

returning a NFS file handlc feply associated with the first NFS operationf ile 
request from the file server to the proxy in response to the file server receiving the first 
NFS operation from the prox y , wherein the reply includes a file handle associated with 
the indicated file ; 

inserting, by the proxy, metadata into the NFS file handl e in response to receiving 
the NFS file handle from the file server, wherein the metadata is an encryption key ; and 

sending, by the proxy in response to receiving the NFS file handle from the file 
server , the NFS file handle with the metadata inserted in the NFS file handle to the client 
as a reply to the first NFS operation: and 

using, by the client , the metadata and the NFS file handle in a second NFS 
operation to be used in further requests to identify the client and the indicated file. 

39. (Previously Presented) A method for establishing identity in a file system, 
comprising: 

receiving a first file request concerning an indicated file from a client, the first file 
request received by a proxy; 

forwarding the first file request from the proxy to a file server; 

granting a permission for the request to be acted upon by the file system in 
response to a predetermined protocol; 

returning a reply associated with the first file request from the file server to the 
proxy, wherein the reply includes a file handle associated with the indicated file; 

inserting, by the proxy, a session key into the file handle; and 

sending, by the proxy, the file handle with the session key inserted in the file 
handle to the client, the session key to be used in further requests to identify the client 
and the indicated file. 



40. (Currently Amended) The method non-volatile memory of Claim 38 { 
claim 39 , further comprising: 
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receiving, from the client, a second NFS operatio n file request by the proxy, the 
second NFS operation file reques t comprising including a^ session key in a second NFS 
file handle sent with the second NFS operation file request ; 

identifying, in response to the session key, that the client has the permission to 
submit the second NFS operatio n file request ; 

sending the second NFS operation file request to the file server £ind not sending 
the session key with the second NFS file handle to the file server; and 

receiving by the proxy a second NFS r eply from the file server, £ind sending by 
the proxy the second NFS r eply to the client. 

41. (Currently Amended) The non- volatile memory of Claim 40 method according to 
claim 39 , further comprising: 

causing the session key to expire after a selected amount of time. 

42. (Currently Amended) The non- volatile memory of Claim 40 method according to 

claim 39 , further comprising: 

causing the session key to expire after a selected amount of usage. 



43. (Currently Amended) The non- volatile memory of Claim 3Si 
claim 39 , further comprising: 

using a NFS file server as the file serveq 



44. (Currently Amended) The non- volatile memory of Claim 38 method according to 
claim 4 3 , further comprising: 

using as the predetermined protocol a two way communication exchange between 
the proxy and the file server. 



45. (Previously Presented) An apparatus to establish identity in a file system, 

comprising: 
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3 a proxy to receive a file request sent by a client to the file system, the proxy to 

4 forward the request to a file server; 

5 the file server to return a reply associated with the file request to the proxy, 

6 wherein the reply includes a file handle; 

7 the proxy to insert a session key into the file handle; and 

8 the proxy to send the file handle with the session key inserted in the file handle to 

9 the client, the session key to be used in further requests to identify the client £ind the 

10 indicated file. 

1 46. (Previously Presented) The apparatus as in claim 45, further comprising: 

2 the proxy to receive, by the client, a second file request, the second file request to 

3 include the session key in a further file handle sent with the second request; 

4 the proxy to identify, in response to the session key, the client as having a 

5 permission to submit the another file request; 

6 the proxy to send the second request to the file server and not to send the session 

7 key with the second file handle to the file server; and 

8 the proxy to receive a further reply from the file server, and the proxy to send the 

9 further reply to the client. 

1 47. (Previously Presented) The apparatus of Claim 45, further comprising: 

2 the proxy to use the metadata in the file handle received from the client to 

3 eliminate a need for additional communication with the file server to establish file 

4 identity. 

1 48. (Previously Presented) The apparatus of Claim 45, further comprising: 

2 the proxy to encode the metadata in a form of a session key into the file handle, 

3 the session key expiring after a predetermined amount of time. 

1 49. (Previously Presented) The apparatus of Claim 45, further comprising: 

2 an NFS file system used as the file system. 
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1 50. (Previously Presented) The apparatus of Claim 45, further comprising: 

2 a stateless protocol used by the file system. 

1 51. (Previously Presented) An apparatus to establish identity in a file system, 

2 comprising: 

3 a proxy configured to receive a first file request sent by a client to the file system, 

4 the proxy further configured to forward the first file request to a file server; 

5 the file server configured to return a reply associated with the first file request to 

6 the proxy; 

7 the proxy further configured to insert a session key into a file handle; 

8 the proxy further configured to send the file handle with the session key inserted 

9 in the file handle to the client, the session key configured to be used in a second file 

10 request to identify the client and the indicated file; 

1 1 the proxy further configured to receive, by the client, a second file request, the 

12 second file request configured to include the session key in a second file handle sent with 

13 the second file request; 

14 the proxy further configured to identify, in response to the session key, the client 

15 as having a permission to submit the second file request; 

16 the proxy further configured to send the second file request to the file server and 

17 not to send the session key with the second file handle to the file server; and 

18 the proxy further configured to receive a second reply from the file server, and the 

19 proxy further configured to send the second reply to the client. 

1 52. (Previously Presented) A method for establishing identity in a file system, 

2 comprising: 

3 receiving a first file request concerning an indicated file from a client, the first file 

4 request received by a proxy; 

5 forwarding the first file request from the proxy to a file server; 

6 determining that the client has a permission to have the request acted upon by the 

7 file system in response to a predetermined protocol; 

9 
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returning a reply associated with the first file request from the file server to the 
proxy, wherein the reply includes a file handle associated with the indicated file; 

inserting, by the proxy, a ciyptographic information into the file handle; 

sending, by the proxy, the file handle with the cryptographic information inserted 
in the file handle to the client, the cryptographic information to be used in one or more 
requests to identify the client and the indicated file. 

53. (Previously Presented) The method according to claim 52, further comprising: 

receiving, by the client, a second file request by the proxy, the second file request 
including the cryptographic information in a second file handle sent with the second file 
request; 

identifying, in response to the cryptographic information, that the client has the 
permission to submit the second file request; 

sending the second file request to the file server and not sending the cryptographic 
information with the second file handle to the file server; and 

receiving by the proxy a second reply from the file server, and sending by the 
proxy the second reply to the client. 

54. (Previously Presented) The method according to claim 52, further comprising: 

causing the cryptographic information to expire after a selected amount of time. 

55. (Previously Presented) The method according to claim 52, further comprising: 

causing the cryptographic information to expire after a selected amount of usage. 

56. (Previously Presented) The method according to claim 52, further comprising: 

using a NFS protocol as the predetermined protocol. 

57. (Previously Presented) The method according to claim 52, further comprising: 

using as the predetermined protocol a two way communication exchange between 
the proxy and the file server. 
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58. (Previously Presented) An apparatus to establish identity in a file system, 
comprising: 

a proxy configured to receive a file request for an indicated file sent by a client to 
the file system, the proxy further configured to forward the request to a file server; 

the file server configured to return a reply associated with the file request to the 
proxy, wherein the reply is configured to include a file handle; 

the proxy further configured to insert a cryptographic information into the file 
handle; and 

the proxy further configured to send the file handle with the cryptographic 
information inserted in the file handle to the client, the cryptographic information 
configured to be used in further requests to identify the client and the indicated file. 

59. (Previously Presented) The apparatus as in claim 58, further comprising: 

the proxy further configured to receive, by the client, a second request, the second 
file request to include the cryptographic information in a second file handle sent with the 
second request; 

the proxy further configured to identify, in response to the cryptographic 
information, the client as having a permission to submit the second file request; 

the proxy further configured to send the second request to the file server and not 
to send the cryptographic information with the second file handle to the file server; and 

the proxy further configured to receive a further reply from the file server, and the 
proxy to send the further reply to the client. 

60. (Previously Presented) The apparatus of claim 58, further comprising: 

the proxy further configured to use the metadata in the file handle received from 
the client to eliminate a need for additional communication with the file server to 
establish file identity. 
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61. (Previously Presented) The apparatus of claim 58, further comprising: 

the proxy further configured to encode the metadata in a form of a cryptographic 
information into the file handle, the cryptographic information configured to expire after 
a predetermined amount of time. 

62. (Previously Presented) The apparatus of claim 58, further comprising: 

an NFS file system used as the file system. 

63. (Previously Presented) The apparatus of claim 58, further comprising: 

a stateless protocol used by the file system. 

64. (Previously Presented) An apparatus to establish identity in a file system, 
comprising: 

a proxy configured to receive a first file request sent by a client to the file 
system, the proxy to forward the first file request to a file server; 

the file server configured to return a reply associated with the first file request 
to the proxy; 

the proxy further configured to insert a cryptographic information into a file 

handle; 

the proxy further configured to send the file handle with the cryptographic 
information inserted in the file handle to the client, the cryptographic information 
configured to be used in a second file request to identify the client and the indicated 

file; 

the proxy further configured to receive, by the client, a second file request, the 
second file request configured to include the cryptographic information in a second 
file handle sent with the second file request; 

the proxy further configured to identify, in response to the cryptographic 
information, the client as having a permission to submit the second file request; 
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the proxy further configured to send the second file request to the file server 
and not to send the cryptographic information with the second file handle to the file 
server; and 

the proxy further configured to receive a second reply from the file server, and 
the proxy to send the second reply to the client. 

65. (Previously Presented) A method for establishing identity in a file system, 
comprising: 

receiving a file request concerning an indicated file from a client, the request 
received by a proxy; 

forwarding the request from the proxy to a file server; 

returning a reply associated with the file request from the file server to the 
proxy, wherein the reply includes a file handle associated with the indicated file; 

inserting, by the proxy, metadata into the file handle; and 

sending, by the proxy, the file handle with the metadata inserted in the file 
handle to the client, a size of the file handle set to a sum of a length of the server file 
handle and a length of the proxy metadata, the metadata to be used in further requests 
to identify the client and the indicated file. 

66. (Previously Presented) A method, comprising: 

receiving, by a proxy, a file request for a file sent from a client; 

forwarding the file request from the proxy to a file server; 

returning a reply associated with the file request from the file server to the 
proxy, wherein the reply includes a file handle; 

inserting, by the proxy, metadata into the file handle; 

sending, by the proxy, the file handle with the metadata inserted in the file 
handle to the client; and 

using, by the client, the metadata inserted into the file handle in a subsequent 
file request to identify the client and the file. 
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67. (Previously Presented) A computer apparatus, comprising: 

a proxy configured to receive a client file request for a file and forward the 
file request from the proxy to a file server; 

the server configured to return a reply associated with the file request, wherein 
the reply includes a file handle; 

the proxy further configured to intercept the file handle sent from the server 
and insert metadata into the file handle to create a modified file handle; 

the proxy further configured to send the modified file handle with the 
metadata inserted in the file handle to the client; and 

the proxy further configured to receive the modified file handle from the client 
for a second file request for the file, wherein the proxy is further configured to use the 
modified file handle to eliminate a need for the proxy to generate one or more 
additional requests to the server that would be required to access the file if the 
modified file handle did not include the inserted metadata. 
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